Sun Oct 17 05:16:17 2021
EVENTS
 FREE
SOFTWARE
INSTITUTE

POLITICS
JOBS
MEMBERS'
CORNER

MAILING
LIST

NYLXS Mailing Lists and Archives
NYLXS Members have a lot to say and share but we don't keep many secrets. Join the Hangout Mailing List and say your peice.

DATE 2008-07-01

HANGOUT

2021-10-17 | 2021-09-17 | 2021-08-17 | 2021-07-17 | 2021-06-17 | 2021-05-17 | 2021-04-17 | 2021-03-17 | 2021-02-17 | 2021-01-17 | 2020-12-17 | 2020-11-17 | 2020-10-17 | 2020-09-17 | 2020-08-17 | 2020-07-17 | 2020-06-17 | 2020-05-17 | 2020-04-17 | 2020-03-17 | 2020-02-17 | 2020-01-17 | 2019-12-17 | 2019-11-17 | 2019-10-17 | 2019-09-17 | 2019-08-17 | 2019-07-17 | 2019-06-17 | 2019-05-17 | 2019-04-17 | 2019-03-17 | 2019-02-17 | 2019-01-17 | 2018-12-17 | 2018-11-17 | 2018-10-17 | 2018-09-17 | 2018-08-17 | 2018-07-17 | 2018-06-17 | 2018-05-17 | 2018-04-17 | 2018-03-17 | 2018-02-17 | 2018-01-17 | 2017-12-17 | 2017-11-17 | 2017-10-17 | 2017-09-17 | 2017-08-17 | 2017-07-17 | 2017-06-17 | 2017-05-17 | 2017-04-17 | 2017-03-17 | 2017-02-17 | 2017-01-17 | 2016-12-17 | 2016-11-17 | 2016-10-17 | 2016-09-17 | 2016-08-17 | 2016-07-17 | 2016-06-17 | 2016-05-17 | 2016-04-17 | 2016-03-17 | 2016-02-17 | 2016-01-17 | 2015-12-17 | 2015-11-17 | 2015-10-17 | 2015-09-17 | 2015-08-17 | 2015-07-17 | 2015-06-17 | 2015-05-17 | 2015-04-17 | 2015-03-17 | 2015-02-17 | 2015-01-17 | 2014-12-17 | 2014-11-17 | 2014-10-17 | 2014-09-17 | 2014-08-17 | 2014-07-17 | 2014-06-17 | 2014-05-17 | 2014-04-17 | 2014-03-17 | 2014-02-17 | 2014-01-17 | 2013-12-17 | 2013-11-17 | 2013-10-17 | 2013-09-17 | 2013-08-17 | 2013-07-17 | 2013-06-17 | 2013-05-17 | 2013-04-17 | 2013-03-17 | 2013-02-17 | 2013-01-17 | 2012-12-17 | 2012-11-17 | 2012-10-17 | 2012-09-17 | 2012-08-17 | 2012-07-17 | 2012-06-17 | 2012-05-17 | 2012-04-17 | 2012-03-17 | 2012-02-17 | 2012-01-17 | 2011-12-17 | 2011-11-17 | 2011-10-17 | 2011-09-17 | 2011-08-17 | 2011-07-17 | 2011-06-17 | 2011-05-17 | 2011-04-17 | 2011-03-17 | 2011-02-17 | 2011-01-17 | 2010-12-17 | 2010-11-17 | 2010-10-17 | 2010-09-17 | 2010-08-17 | 2010-07-17 | 2010-06-17 | 2010-05-17 | 2010-04-17 | 2010-03-17 | 2010-02-17 | 2010-01-17 | 2009-12-17 | 2009-11-17 | 2009-10-17 | 2009-09-17 | 2009-08-17 | 2009-07-17 | 2009-06-17 | 2009-05-17 | 2009-04-17 | 2009-03-17 | 2009-02-17 | 2009-01-17 | 2008-12-17 | 2008-11-17 | 2008-10-17 | 2008-09-17 | 2008-08-17 | 2008-07-17 | 2008-06-17 | 2008-05-17 | 2008-04-17 | 2008-03-17 | 2008-02-17 | 2008-01-17 | 2007-12-17 | 2007-11-17 | 2007-10-17 | 2007-09-17 | 2007-08-17 | 2007-07-17 | 2007-06-17 | 2007-05-17 | 2007-04-17 | 2007-03-17 | 2007-02-17 | 2007-01-17 | 2006-12-17 | 2006-11-17 | 2006-10-17 | 2006-09-17 | 2006-08-17 | 2006-07-17 | 2006-06-17 | 2006-05-17 | 2006-04-17 | 2006-03-17 | 2006-02-17 | 2006-01-17 | 2005-12-17 | 2005-11-17 | 2005-10-17 | 2005-09-17 | 2005-08-17 | 2005-07-17 | 2005-06-17 | 2005-05-17 | 2005-04-17 | 2005-03-17 | 2005-02-17 | 2005-01-17 | 2004-12-17 | 2004-11-17 | 2004-10-17 | 2004-09-17 | 2004-08-17 | 2004-07-17 | 2004-06-17 | 2004-05-17 | 2004-04-17 | 2004-03-17 | 2004-02-17 | 2004-01-17 | 2003-12-17 | 2003-11-17 | 2003-10-17 | 2003-09-17 | 2003-08-17 | 2003-07-17 | 2003-06-17 | 2003-05-17 | 2003-04-17 | 2003-03-17 | 2003-02-17 | 2003-01-17 | 2002-12-17 | 2002-11-17 | 2002-10-17 | 2002-09-17 | 2002-08-17 | 2002-07-17 | 2002-06-17 | 2002-05-17 | 2002-04-17 | 2002-03-17 | 2002-02-17 | 2002-01-17 | 2001-12-17 | 2001-11-17 | 2001-10-17 | 2001-09-17 | 2001-08-17 | 2001-07-17 | 2001-06-17 | 2001-05-17 | 2001-04-17 | 2001-03-17 | 2001-02-17 | 2001-01-17 | 2000-12-17 | 2000-11-17 | 2000-10-17 | 2000-09-17 | 2000-08-17 | 2000-07-17 | 2000-06-17 | 2000-05-17 | 2000-04-17 | 2000-03-17 | 2000-02-17 | 2000-01-17 | 1999-12-17

Key: Value:

Key: Value:

MESSAGE
DATE 2008-07-25
FROM prmarino1@gmail.com
SUBJECT Re: [NYLXS - HANGOUT] [rick@linuxmafia.com: [conspire] DNS vulnerability details]
From lest-hangout-at-mrbrklyn.com Fri Jul 25 20:29:01 2008
Received: from www2.mrbrklyn.com (localhost [127.0.0.1])
by www2.mrbrklyn.com (8.13.1/8.13.1/SuSE Linux 0.7) with ESMTP id m6Q0Sw9G021531
for ; Fri, 25 Jul 2008 20:29:00 -0400
Received: (from majordomo-at-localhost)
by www2.mrbrklyn.com (8.13.1/8.13.1/Submit) id m6Q0Swti021528
for hangout-outgoings; Fri, 25 Jul 2008 20:28:58 -0400
X-Authentication-Warning: www2.mrbrklyn.com: majordomo set sender to lest-hangout-at-nylxs.com using -f
Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.231])
by www2.mrbrklyn.com (8.13.1/8.13.1/SuSE Linux 0.7) with ESMTP id m6Q0SsDR021515
for ; Fri, 25 Jul 2008 20:28:56 -0400
Received: by wx-out-0506.google.com with SMTP id h29so2175601wxd.11
for ; Fri, 25 Jul 2008 17:28:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=gamma;
h=domainkey-signature:received:received:subject:to:x-mailer
:message-id:cc:from:date;
bh=xGK55lIurcmEZmQPzAzF7iclr52sLiAvtcIiZGlDoBI=;
b=ud+d/hFHF99Z2rj9AdHQvw6Z5wEtUQqW9T2VhmKA9r+ucRDDo4d066X/O0+PtoiBjS
9swNC3ZbOJZpNHdfvDrjKdkN3+oWU8gxTi6wj+Lt6Hecxhu+OOu7u1Ybh5RLUvBmNwzH
KY8JIY+ZuKy8AC3kGzaB+N3FtLVLnXihqE2Co=
DomainKey-Signature: a=rsa-sha1; c=nofws;
d=gmail.com; s=gamma;
h=subject:to:x-mailer:message-id:cc:from:date;
b=u/QD4fsKM/w3ZbZCwjNXCsR1FTpPIMS0/kOKEunBim6wRLkoFp25XsVJVxOA1zjdKt
sYEV89Im5fm9ss6KoQGciMb44oORnv91qQbPvckrgIH/sW+3ZvUyUUageNlx+/Pk1XRM
WG10jcLtQZbm0WNibC9ym7g7WLDLUvmyoRYCk=
Received: by 10.70.27.5 with SMTP id a5mr2655999wxa.63.1217032111670;
Fri, 25 Jul 2008 17:28:31 -0700 (PDT)
Received: from ?10.190.61.55? ( [208.54.94.75])
by mx.google.com with ESMTPS id a13sm10283674rnc.10.2008.07.25.17.28.23
(version=TLSv1/SSLv3 cipher=RC4-MD5);
Fri, 25 Jul 2008 17:28:30 -0700 (PDT)
Subject: Re: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: [conspire] DNS vulnerability details]
To:
X-Mailer: ChatterEmail+ for Treo 6xx/700p (3.0.18)
Message-ID: <3299862504.3066523-at-smtp.gmail.com>
CC:
From: prmarino1-at-gmail.com
Date: Fri, 25 Jul 2008 17:28:30 -0700 (PDT)
Sender: lest-hangout-at-mrbrklyn.com
Precedence: bulk
Reply-To: hangout-at-mrbrklyn.com

ok so why don't we just encryptit like a website.
so why not sign the dns data using a ca (certificate athority) data.
There is nothing that prevents a dns server fron having its own embeded ca, in truth there is no real reason why every domain on the web shouldn't have their own ho and you don't actualy need verisign or any other service to do it.

IF ONLY IT WAS THAT SIMPLE!

There is still a problem with this. Verisign got involved in the writing of the rfc for tls. You know verisign they are the comercial company that is now incharge of the root dns's since the US government decoded they nolonger wanted to manage, track, and assign all of the possible domain in the world.

For those of you not familiar with this verisign was also the company who in an effort to provide good customer support handed a person who walked in off the street the root ca cert private key and password for the ca. Why did the do this because the person claimed they were a microsoft employee and that microsoft had lost their ca and the password to it. The good people at verisign did this without asking for ID or even attempting to call microsoft to verify this.

Here is where it gets intresting according to the rfc's that describe tls requiers that the client must be both forward and reverse lookup the server that the key was issued to via DNS. Not only that but the uri to the public ca cert is also in the tls cert. For the confirmation check.
What does this meen? It meens that the 4th generation of ssl whic is used for many things like the rfc's for LDAPv3 protocoll and various other "secure standards" like IPK rely on the security of the dns for maintaining the itegrity of their own security.



-----------------------
Sent from my Treo(r) smartphone

-----Original Message-----
From: Ruben Safir
Date: Friday, Jul 25, 2008 7:07 pm
Subject: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: [conspire] DNS vulnerability details]
To: hangout-at-mrbrklyn.comReply-To: hangout-at-mrbrklyn.com

----- Forwarded message from Rick Moen -----

Date: Wed, 23 Jul 2008 15:03:53 -0700
From: Rick Moen
To: conspire-at-linuxmafia.com
X-Mas: Bah humbug.
User-Agent: Mutt/1.5.11+cvs20060403
X-BeenThere: conspire-at-linuxmafia.com
X-Mailman-Version: 2.1.8rc1
Precedence: list
List-Id: "Local mailing list for the CABAL Linux user group."

List-Unsubscribe: ,

List-Archive:
List-Post:
List-Help:
List-Subscribe: ,

Errors-To: conspire-bounces-at-linuxmafia.com
X-EximConfig: v2.0 on linuxmafia.com (http://www.jcdigita.com/eximconfig) X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: conspire-bounces-at-linuxmafia.com
X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on linuxmafia.com X-Spam-Level:
X-Spam-Status: No, score=-2.6 required=4.0 tests=BAYES_00,SPF_HELO_PASS
autolearn=unavailable version=3.1.1
Subject: [conspire] DNS vulnerability details
X-SA-Exim-Version: 4.2.1 (built Mon, 27 Mar 2006 13:42:28 +0200)


Transcribed from http://amd.co.at/dns.htm and character-coding errors fixed. (Site says the post will expire, there, in a few hours, though the author seems to be making an effort to keep renewing it.)





Reliable DNS Forgery in 2008: Kaminsky's Discovery
from Matasano Chargen by ecopeland


0.
The cat is out of the bag. Yes, Halvar Flake figured out the flaw Dan Kaminsky will announce at Black Hat.


1.
Pretend for the moment that you know only the basic function of DNS -- that it translates WWW.VICTIM.COM into 1.2.3.4. The code that does this is called a resolver. Each time the resolver contacts the DNS to
translate names to addresses, it creates a packet called a query. The exchange of packets is called a transaction. Since the number of packets flying about on the internet requires scientific notation to express, you can imagine there has to be some way of not mixing them up.

Bob goes to to a deli, to get a sandwich. Bob walks up to the counter, takes a pointy ticket from a round red dispenser. The ticket has a
number on it. This will be Bob's unique identifier for his sandwich
acquisition transaction. Note that the number will probably be used
twice -- once when he is called to the counter to place his order and again when he's called back to get his sandwich. If you're wondering, Bob likes ham on rye with no onions.

If you've got this, you have the concept of transaction IDs, which are numbers assigned to keep different transactions in order. Conveniently, the first sixteen bits of a DNS packet is just such a unique identifier. It's called a query id (QID). And with the efficiency of the deli, the QID is used for multiple transactions.

2.
Until very recently, there were two basic classes of DNS
vulnerabilities. One of them involves mucking about with the QID in DNS packets and the other requires you to know the Deep Magic. First, QIDs.

Bob's a resolver and Alice is a content DNS server. Bob asks Alice for the address of WWW.VICTIM.COM. The answer is 1.2.3.4. Mallory would like the answer to be 6.6.6.0. It is a (now not) secret shame of mine that for a great deal of my career, creating and sending packets was, to me, Deep Magic. Then it became part of my job, and I learned that it is
surprisingly trivial. So put aside the idea that forging IP packets is the hard part of poisoning DNS. If I'm Mallory and I'm attacking Bob, how can he distinguish my packets from Alice's? Because I can't see the QID in his request, and the QID in my response won't match. The QID is the only thing protecting the DNS from Mallory (me).

QID attacks began in the olden days, when BIND simply incremented the QID with every query response. If you can remember 1995, here's a
workable DNS attack. Think fast: 9372 + 1. Did you get 9372, or even
miss and get 9373? You win, Alice loses. Mallory sends a constant stream of DNS responses for WWW.VICTIM.COM. All are quietly discarded -- until Mallory gets Bob to query for WWW.VICTIM.COM. If Mallory's response gets to your computer before the legitimate response arrives from your ISP's name server, you will be redirected where Mallory tells you you're
going.

Obvious fix: you want the QID be randomly generated. Now Alice and
Mallory are in a race. Alice sees Bob's request and knows the QID.
Mallory has to guess it. The first one to land a packet with the correct QID wins. Randomized QIDs give Alice a big advantage in this race.

But there's a bunch more problems here: * If you convince Bob to ask Alice the same question 1000 times all at once, and Bob uses a different QID for each packet, you made the race 1000 times easier for Mallory to win. * If Bob uses a crappy random number generator, Mallory can get Bob to ask for names she controls, like WWW.EVIL.COM, and watch how the QIDs bounce around; eventually, she'll break the RNG and be able to predict its outputs. * 16 bits just isn't big enough to provide real security at the traffic rates we deal with in 2008.

Your computer's resolver is probably a stub. Which means it won't really save the response. You don't want it to. The stub asks a real DNS
server, probably run by your ISP. That server doesn't know everything. It can't, and shouldn't, because the whole idea of DNS is to compensate for the organic and shifting nature of internet naming and addressing. Frequently, that server has to go ask another, and so on. The cool kids call this "recursion".

Responses carry another value, too, called a time to live (TTL). This number tells your name server how long to cache the answer. Why?
Because they deal with zillions of queries. Whoever wins the race
between Alice and Mallory, their answer gets cached. All subsequent
responses will be dropped. All future requests for that same data,
within the TTL, come from that answer. This is good for whoever wins the race. If Alice wins, it means Mallory can't poison the cache for that name. If Mallory wins, the next 10,000 or so people that ask that cache where WWW.VICTIM.COM is go to 6.6.6.0.


3.
Then there's that other set of DNS vulnerabilities. These require you to pay attention in class. They haven't really been talked about since
1997. And they're hard to find, because you have to understand how DNS works. In other words, you have to be completely crazy. Lazlo Hollyfeld crazy. I'm speaking of course of RRset poisoning.

DNS has a complicated architecture. Not only that, but not all name servers run the same code. So not all of them implement DNS in exactly the same way. And not only that, but not all name servers are configured properly.

I just described a QID attack that poisons the name server's cache. This attack requires speed, agility and luck, because if the "real"
answer happens to arrive before your spoofed one, you're locked out.

Fortunately for those of you that have a time machine, some versions of DNS provide you with another way to poison the name server's cache
anyway. To explain it, I will have to explain more about the format of a DNS packet.

DNS packets are variable in length and consist of a header, some flags and resource records (RRs). RRs are where the goods ride around. There are up to three sets of RRs in a DNS packet, along with the original
query. These are: * Answer RRs, which contain the answer to whatever
question you asked (such as the A record that says WWW.VICTIM.COM is
1.2.3.4) * Authority RRs, which tell resolvers which name servers to
refer to to get the complete answer for a question * Additional RRs,
sometimes called "glue", which contain any additional information needed to make the response effective. A word about the Additional RRs. Think about an NS record, like the one that COM's name server uses to tell us that, to find out where WWW.VICTIM.COM is, you have to ask
NS1.VICTIM.COM. That's good to know, but it's not going to help you
unless you know where to find NS1.VICTIM.COM. Names are not addresses. This is a chicken and egg problem. The answer is, you provide both the NS record pointing VICTIM.COM to NS1.VICTIM.COM, and the A record
pointing NS1.VICTIM.COM to 1.2.3.1.

Now, let's party like it's 1995.

Download the source code for a DNS implementation and hack it up such that every time it sends out a response, it also sends out a little bit of evil -- an extra Additional RR with bad information. Then let's set up an evil server with it, and register it as EVIL.COM. Now get a bunch of web pages up with IMG tags pointing to names hosted at that server. Bob innocently loads up a page with the malicious tags which coerces his browser into resolving that name. Bob asks Alice to resolve that name. Here comes recursion: eventually the query arrives at our evil server. Which sends back a response with an unexpected (evil) Additional RR. If Alice's cache honors the unexpected record, it's 1995 - buy CSCO!
- and you just poisoned their cache. Worse, it will replace the "real" data already in the cache with the fake data. You asked where
WWW.EVIL.COM was (or rather, the image tags did). But Alice also "found out" where WWW.VICTIM.COM was: 6.6.6.0. Every resolver that points to that name server will now gladly forward you to the website of the
beast.


4.
It's not 1995. It's 2008. There are fixes for the attacks I have
described.

Fix 1:

The QID race is fixed with random IDs, and by using a strong random number generator and being careful with the state you keep for queries.
16 bit query IDs are still too short, which fills us with dread. There are hacks to get around this. For instance, DJBDNS randomizes the source port on requests as well, and thus won't honor responses unless they
come from someone who guesses the ~16 bit source port. This brings us close to 32 bits, which is much harder to guess.

Fix 2:

The RR set poisoning attack is fixed by bailiwick checking, which is a quirky way of saying that resolvers simply remember that if they're
asking where WWW.VICTIM.COM is, they're not interested in caching a new address for WWW.GOOGLE.COM in the same transaction.

Remember how these fixes work. They're very important.

And so we arrive at the present day.


5.
Let's try again to convince Bob that WWW.VICTIM.COM is 6.6.6.0. This time though, instead of getting Bob to look up WWW.VICTIM.COM and then beating Alice in the race, or getting Bob to look up WWW.EVIL.COM and slipping strychnine into his ham sandwich, we're going to be clever
(sneaky).

Get Bob to look up AAAAA.VICTIM.COM. Race Alice. Alice's answer is
NXDOMAIN, because there's no such name as AAAAA.VICTIM.COM. Mallory has an answer. We'll come back to it. Alice has an advantage in the race, and so she likely beats Mallory. NXDOMAIN for AAAAA.VICTIM.COM. Alice's advantage is not insurmountable. Mallory repeats with AAAAB.VICTIM.COM. Then AAAAC.VICTIM.COM. And so on. Sometime, perhaps around
CXOPQ.VICTIM.COM, Mallory wins! Bob believes CXOPQ.VICTIM.COM is
6.6.6.0!

Poisoning CXOPQ.VICTIM.COM is not super valuable to Mallory. But Mallory has another trick up her sleeve. Because her response didn't just say CXOPQ.VICTIM.COM was 6.6.6.0. It also contained Additional RRs pointing WWW.VICTIM.COM to 6.6.6.0. Those records are in-bailiwick: Bob is in
fact interested in VICTIM.COM for this query. Mallory has combined
attack #1 with attack #2, defeating fix #1 and fix #2. Mallory can
conduct this attack in less than 10 seconds on a fast Internet link.


_______________________________________________
conspire mailing list
conspire-at-linuxmafia.com
http://linuxmafia.com/mailman/listinfo/conspire

----- End forwarded message -----

--
http://www.mrbrklyn.com - Interesting Stuff
http://www.nylxs.com - Leadership Development in Free Software

So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998

http://fairuse.nylxs.com DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002

"Yeah - I write Free Software...so SUE ME"

"The tremendous problem we face is that we are becoming sharecroppers to our own cultural heritage -- we need the ability to participate in our own society."

"> I'm an engineer. I choose the best tool for the job, politics be damned.< You must be a stupid engineer then, because politcs and technology have been attached at the hip since the 1st dynasty in Ancient Egypt. I guess you missed that one."

© Copyright for the Digital Millennium


  1. 2008-07-01 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C programming Workshop part II
  2. 2008-07-01 swd <sderrick-at-optonline.net> Re: [NYLXS - HANGOUT] Need to get rid of a whole bunch of programming
  3. 2008-07-01 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] Need to get rid of a whole bunch of programming
  4. 2008-07-01 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Need to get rid of a whole bunch of programming books. TALK ABOUT FREE SOFTWARE!!!
  5. 2008-07-01 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Gates: Windows really sucks
  6. 2008-07-01 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] Need to get rid of a whole bunch of programming
  7. 2008-07-02 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [david-at-thekramers.net: Fedora 9 X dual screen problems]
  8. 2008-07-02 swd <sderrick-at-optonline.net> Re: [NYLXS - HANGOUT] Need to get rid of a whole bunch of programming
  9. 2008-07-02 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2 (section 2.1)
  10. 2008-07-03 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2.1
  11. 2008-07-03 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] July 4th
  12. 2008-07-03 Shoshana Rivka Safir <shani-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Post high school jobs or internships?
  13. 2008-07-03 meg7-at-nyu.edu Re: [NYLXS - HANGOUT] July 4th
  14. 2008-07-03 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] July 4th
  15. 2008-07-03 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] July 4th
  16. 2008-07-03 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Post high school jobs or internships?
  17. 2008-07-03 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2.3
  18. 2008-07-03 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] Post high school jobs or internships?
  19. 2008-07-04 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [alan-at-patriot.net: [Dclug] Our Fourth Amendment]
  20. 2008-07-04 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] 4th of July Plans
  21. 2008-07-04 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Workshops
  22. 2008-07-05 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Might be time for a visit to Congress again
  23. 2008-07-05 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  24. 2008-07-05 From: "Michael L. Richardson" <mlr52-at-mycouponmagic.com> Re: [NYLXS - HANGOUT] Workshops
  25. 2008-07-05 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Workshops
  26. 2008-07-06 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  27. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [meissner-at-suse.de: [security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2008:031)]
  28. 2008-07-07 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  29. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [meissner-at-suse.de: [security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2008:032)]
  30. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  31. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  32. 2008-07-07 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  33. 2008-07-07 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  34. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  35. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  36. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  37. 2008-07-07 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  38. 2008-07-07 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  39. 2008-07-07 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  40. 2008-07-07 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  41. 2008-07-07 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Post high school jobs or internships?
  42. 2008-07-07 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  43. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [nyc-at-workatjelly.com: Jelly in Manhattan this Friday, 7/11]
  44. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  45. 2008-07-07 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  46. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  47. 2008-07-07 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  48. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  49. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  50. 2008-07-08 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  51. 2008-07-08 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  52. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  53. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  54. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  55. 2008-07-08 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  56. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  57. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] ASUS/GNU
  58. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] While we're on this topic
  59. 2008-07-08 From: "Tameek" <tameek-at-gmail.com> Re: [NYLXS - HANGOUT] [nyc-at-workatjelly.com: Jelly in Manhattan this Friday, 7/11]
  60. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] [nyc-at-workatjelly.com: Jelly in Manhattan this Friday, 7/11]
  61. 2008-07-09 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] [nyc-at-workatjelly.com: Jelly in Manhattan this
  62. 2008-07-09 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Installfest this weekend?
  63. 2008-07-09 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] Installfest this weekend?
  64. 2008-07-09 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Post high school jobs or internships?
  65. 2008-07-12 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Installfest this weekend?
  66. 2008-07-12 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] GNU/Linux INSTALLFEST/HACKFEST NYC Local
  67. 2008-07-12 Contrarian <adrba-at-nyct.net> Subject: [NYLXS - HANGOUT] "Gates of Vienna" blog averts DMCA prosecution
  68. 2008-07-14 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Re: Linux on the desktop - it's come a long way, but is it there yet?
  69. 2008-07-15 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] so much for Apples Free Software pitch
  70. 2008-07-15 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] grep
  71. 2008-07-15 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] grep
  72. 2008-07-15 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2.2
  73. 2008-07-18 Contrarian <adrba-at-nyct.net> Subject: [NYLXS - HANGOUT] [BrooklynFreeCycle] offer---- old library card catalog file cabinet
  74. 2008-07-18 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] HAckfest/Installfest
  75. 2008-07-18 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Re: [nylug-talk] HAckfest/Installfest
  76. 2008-07-18 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Hackfest/Installfest
  77. 2008-07-18 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Tax Exempy Status
  78. 2008-07-19 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Installfest/Hackfest Tomorrow
  79. 2008-07-20 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Installfest/Hackfest
  80. 2008-07-21 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [notification+zjaayj4y-at-facebookmail.com: "Ted & Amy Supper Club (NYC)" sent you a message on Facebook...]
  81. 2008-07-22 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2.2.3
  82. 2008-07-22 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] [notification+zjaayj4y-at-facebookmail.com: "Ted & Amy Supper Club (NYC)" sent you a message on Facebook...]
  83. 2008-07-22 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] [notification+zjaayj4y-at-facebookmail.com: "Ted & Amy Supper Club (NYC)" sent you a message on Facebook...]
  84. 2008-07-23 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C Programming Workshop
  85. 2008-07-23 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [dalmolin-at-e-cology.ca: [Hardhats] COMMITTEE ON WAYS AND MEANS: Promoting Health IT Hearing]
  86. 2008-07-23 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2.3.4
  87. 2008-07-24 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Dell GNU Systems
  88. 2008-07-25 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: [conspire] DNS vulnerability details]
  89. 2008-07-25 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Re: [conspire] DNS vulnerability details
  90. 2008-07-25 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Re: [conspire] DNS vulnerability details
  91. 2008-07-25 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Radio Broadcasting
  92. 2008-07-25 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: [conspire] DNS vulnerability details]
  93. 2008-07-25 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: [conspire] DNS vulnerability details]
  94. 2008-07-25 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Re: [conspire] DNS vulnerability details
  95. 2008-07-26 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] unionfs
  96. 2008-07-26 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] unionfs
  97. 2008-07-26 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] unionfs
  98. 2008-07-27 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] unionfs
  99. 2008-07-27 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] unionfs
  100. 2008-07-27 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] unionfs
  101. 2008-07-27 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] unionfs
  102. 2008-07-27 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] unionfs
  103. 2008-07-28 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [nyc-at-workatjelly.com: Jelly in Fort Greene Friday, 8/1]
  104. 2008-07-29 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [Volunteer4-at-JohnMcCain.com: McCain Campaign Internships]
  105. 2008-07-30 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] August Plans
  106. 2008-07-30 From: <tameek-at-gmail.com> RE: [NYLXS - HANGOUT] August Plans
  107. 2008-07-30 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] August Plans
  108. 2008-07-30 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] August Plans
  109. 2008-07-30 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] August Plans
  110. 2008-07-30 From: <tameek-at-gmail.com> RE: [NYLXS - HANGOUT] August Plans
  111. 2008-07-30 From: "Michael L. Richardson" <mlr52-at-mycouponmagic.com> Re: [NYLXS - HANGOUT] August Plans
  112. 2008-07-30 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] August Plans
  113. 2008-07-30 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] August Plans
  114. 2008-07-30 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] August Plans
  115. 2008-07-30 From: <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] August Plans
  116. 2008-07-31 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Time to trash the eeepc
  117. 2008-07-31 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] KDE really sucks
  118. 2008-07-31 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] KDE really sucks
  119. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  120. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  121. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] KDE really sucks
  122. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] KDE really sucks
  123. 2008-07-31 From: "Stan Davenport" <stan-at-Etrtechcenter.com> Subject: [NYLXS - HANGOUT] Ruben,Opening On Long Island Near Hicksville RR Linix Developer Any
  124. 2008-07-31 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] KDE really sucks
  125. 2008-07-31 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Time to trash the eeepc
  126. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  127. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  128. 2008-07-31 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Time to trash the eeepc
  129. 2008-07-31 From: <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] Time to trash the eeepc
  130. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  131. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  132. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  133. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  134. 2008-07-31 From: <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] Time to trash the eeepc

NYLXS are Do'ers and the first step of Doing is Joining! Join NYLXS and make a difference in your community today!